Three rogue journalists were ejected from the Black Hat security conference after being accused of connecting monitoring tools to the press room computer network and sniffing reporters' passwords.
The reporters worked for French-based Global Security Magazine, a Black Hat media sponsor. According to screenshots posted here, the …

COMMENTS

And there's the rub ...

I always enjoy Dan Goodin's articles, and now that Black Hat's on, it's like Christmas at El Reg ...

Back on topic:

Three days to set up a VPN (or indeed any encrypted secure communication or storage) is a problem! If it's going to achieve significant use, it needs to be a five-minute operation - about where the frustration limit is for most users these days.

Of course, compatibility is also vital, both for end points to connect to and paths to transmit through.

hypocritical

Do unto you as you do unto others. Nothing wrong with what the journalists did; it's all in line with the event, so what are they whining about? The journalists shouldn't be tried under the laws; hope they slate the Black Hat events.

re: "educate the public"

Well, I would agree this wouldn't educate the public, except about how incompetent even Black Hat conference organisers and journalists of *tech publications* are about security.

If the conference can't stop someone just surfing details off their network that should be unavailable to the snooper, then the **** Black Hat **** conference is not about security. Probably just a way to get an international jollie.

Bad Form

No, they absolutely should have been kicked out. If there is to be consensual network penetration, it is essential that the boundaries for that consensual activity are respected. Taking the activity outside the agreed zone fundamentally undermines the safeguards, and changes the activity from valuable "lab work" to something illegal.

RE: Bad Form

I figure that the conference is called "Black Hat", so stuff like this should be expected. I don't think the organisers should have kicked the guys out since what they did was presumably in the spirit of the event.

Whether they get charged or not depends on the police, I guess, and if they do - tough.

Re: Pot, Kettle, Blackhat... and @Mark Re: Bad Form

DHCP server? Meh!

Why go to all that trouble when, as any fule kno, by far the easiest way to sniff traffic on a wired Ethernet switch is to have at it with a shed load of wonky ARP packets? *

Hell, if you can spoof the gateway's MAC to FF:FF:FF:FF:FF:FF (or oftentimes, just set the I/G bit high) you don't even have to forward the packets. (You can only see the outbound traffic, but that's enough for capturing passwords in the clear.)

Bit noisy mind.

Shit, maybe they just couldn't figure out the massively outdated dependencies to get dsniff to compile, journos eh?

What a terrible shock it must have been to the BlackHat attendees and organisers to discover that not everyone plays by the rules or accepts the boundaries laid down for them by others.

OTOH bouncing them was the right thing to do, the last thing the BH organisers need is people committing actual crimes. It's the perfect excuse for the event to be shut down by the numerous law enforcement personnel lurking around the place.

* Yes yes, there's ways to spot and mitigate this, but you have to reckon that any network configured thusly would also have noticed a fraudulent DHCP server.
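
A passive check for the ARP behaviour described in the comment above, as an added example that is not part of the original thread: it parses ARP frames and flags a sender hardware address with the I/G bit set (which includes FF:FF:FF:FF:FF:FF) and any change to an IP's first-seen MAC. The frames, addresses and function names are constructed for illustration.

```python
import struct

def mac(b):
    return ":".join(f"{x:02x}" for x in b)

def build_arp(sha, spa, op=2):
    """Constructed test frame: broadcast Ethernet II header + IPv4 ARP body."""
    eth = b"\xff" * 6 + sha + struct.pack("!H", 0x0806)
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, op)
    return eth + arp + sha + bytes(spa) + b"\x00" * 6 + bytes([192, 0, 2, 10])

def parse_arp(frame):
    """Return (sender_mac_bytes, sender_ip_str), or None if not IPv4 ARP."""
    if len(frame) < 42 or frame[12:14] != b"\x08\x06":
        return None
    if struct.unpack("!HHBB", frame[14:20]) != (1, 0x0800, 6, 4):
        return None
    return frame[22:28], ".".join(map(str, frame[28:32]))

def inspect(frames, pinned=None):
    """Flag group-address senders and changes to an IP's first-seen MAC."""
    seen, alerts = dict(pinned or {}), []
    for i, frame in enumerate(frames):
        parsed = parse_arp(frame)
        if parsed is None or parsed[1] == "0.0.0.0":  # non-ARP or ARP probe
            continue
        sha, ip = parsed
        if sha[0] & 0x01:  # I/G bit set: a group address is never a valid sender
            alerts.append((i, "group-mac", ip, mac(sha)))
        elif seen.setdefault(ip, mac(sha)) != mac(sha):
            alerts.append((i, "binding-change", ip, mac(sha)))
    return alerts

# Constructed sample traffic (documentation addresses, locally administered MACs).
GW_IP, GW_MAC = (192, 0, 2, 1), bytes.fromhex("020000000001")
SAMPLE = [
    build_arp(GW_MAC, GW_IP),                                  # legitimate reply
    build_arp(bytes.fromhex("02000000000a"), (192, 0, 2, 10), op=1),
    build_arp(b"\xff" * 6, GW_IP),                             # broadcast claimed
    build_arp(bytes.fromhex("020000000066"), GW_IP),           # new unicast MAC
    build_arp(bytes.fromhex("030000000001"), GW_IP),           # I/G bit high
]

if __name__ == "__main__":
    for alert in inspect(SAMPLE):
        print(alert)
```

Passing a known-good gateway binding as `pinned` makes the first spoofed reply alert even if the monitor starts after the legitimate one was sent.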

Don't stick the Post-it note on the monitor

hello

Black Hat inferred the wired network was safe. They were wrong, hence they are butthurt and kicked out the reporters. They should have secured their physical network. Why would you allow DHCP... from a client port? Hell, they should have the reporters use an internal (to Black Hat) VPN with assigned usernames/passwords, MAC address filtering, port assignment etc. If you're going to break all the security (black hatters), you should be held to work within the crap-pile you've created.

Don't think for a minute that the presenters at BH don't sniff, test and send non-standard packets to public computers! Dear god, even BH has an EULA now....